Search the Community
Showing results for tags 'redirect'.
SPEAR - Redirect to SMB April 13, 2015 By Brian Wallace We’ve uncovered a new technique for stealing sensitive login credentials from any Windows PC, tablet or server, including ones running previews of the yet-to-be-released Windows 10 operating system. Software from at least 31 companies including Adobe, Apple, Box, Microsoft, Oracle and Symantec can be exploited using this vulnerability, which we have dubbed Redirect to SMB. Carnegie Mellon University CERT disclosed the vulnerability to the public today (#VU672268), following six weeks of working with vendors to help them mitigate the issu
# Affected software: kunstmaan cms # Type of vulnerability: redirect vulnerability # URL: bundles.kunstmaan.be # Discovered by: Provensec # Website: http://www.provensec.com #version: not specified on domain # Proof of concept http://demo.bundles.kunstmaan.be/en/admin/media/delete/9?redirectUrl=http://google.com Source